Network device data erasure

ABSTRACT

A method includes determining, by a computer device, device information for a network device communicatively coupled to the computer device. The method includes retrieving, from a server device, a configuration file corresponding to the device information as determined. The method includes resetting the network device using the configuration file as retrieved. The method includes clearing user-addressable storage locations of the network device. The method includes outputting an indication of whether resetting the network device was successful and whether clearing the user-addressable storage locations of the network device was successful.

CROSS-REFERENCE TO RELATED APPLICATION

This application is related to U.S. Nonprovisional patent applicationSer. No. 17/481,899, filed Sep. 22, 2021 and entitled “Network DeviceData Erasure,” the content of which is incorporated by reference in itsentirety.

FIELD OF THE TECHNOLOGY

At least some embodiments disclosed herein relate generally to networkdevices. More specifically, embodiments disclosed herein relategenerally to network devices and erasing data from the network devices.

BACKGROUND

Network devices such as, but not limited to, network switches, routers,access points, network cards, and the like include configuration detailsspecific to the particular device. These configuration details can beconfigured by a user. In some situations, the user may, for example,return a network device to the manufacturer or third party that may beinterested in removing the configuration details specific to theparticular device as configured by the user.

SUMMARY

In some embodiments, a method includes determining, by a computerdevice, device information for a network device communicatively coupledto the computer device. In some embodiments, the method includesretrieving, from a server device, a configuration file corresponding tothe device information as determined. In some embodiments, the methodincludes resetting the network device using the configuration file asretrieved. In some embodiments, the method includes clearinguser-addressable storage locations of the network device. In someembodiments, the method includes outputting an indication of whetherresetting the network device was successful and whether clearing theuser-addressable storage locations of the network device was successful.

In some embodiments, the method includes removing a passcode from thenetwork device prior to determining the device information for thenetwork device.

In some embodiments, in response to removing the passcode from thenetwork device being unsuccessful, the method includes outputting anerror message.

In some embodiments, the method includes determining whether a serialnumber in the configuration file corresponds to a format of allowedserial numbers, and outputting an indication of whether the serialnumber in the configuration file corresponds to the format of allowedserial numbers.

In some embodiments, in response to determining the serial number in theconfiguration file does not correspond to the format of allowed serialnumbers, the method includes outputting an indication that the networkdevice cannot be reset.

In some embodiments, resetting the network device using theconfiguration file as retrieved comprises performing a factory reset ofthe network device and backing up firmware of the network device.

In some embodiments, the method includes restoring the firmware of thenetwork device after clearing the user-addressable storage locations ofthe network device.

In some embodiments, the method includes displaying the indication ofwhether resetting the network device was successful and whether clearingthe user-addressable storage locations of the network device wassuccessful.

In some embodiments, the method includes determining, by the computerdevice, device information for a second network device communicativelycoupled to the computer device. In some embodiments, the method includesretrieving, from the server device, a second configuration filecorresponding to the device information as determined. In someembodiments, the method includes resetting the second network deviceusing the configuration file as retrieved. In some embodiments, themethod includes clearing user-addressable storage locations of thesecond network device. In some embodiments, the method includesoutputting an indication of whether resetting the second network devicewas successful and whether clearing the user-addressable storagelocations of the second network device was successful.

In some embodiments, the second network device and the network deviceare connected communicatively coupled to the computer device forprocessing concurrently.

In some embodiments, a system includes a processing device. In someembodiments, the processing device is configured to execute instructionsto determine, by a computer device, device information for a networkdevice communicatively coupled to the computer device. In someembodiments, the processor is configured to retrieve, from a serverdevice, a configuration file corresponding to the device information asdetermined. In some embodiments, the processor is configured to resetthe network device using the configuration file as retrieved. In someembodiments, the processor is configured to clear user-addressablestorage locations of the network device. In some embodiments, theprocessor is configured to output an indication of whether resetting thenetwork device was successful and whether clearing the user-addressablestorage locations of the network device was successful. In someembodiments, the system includes a display device configured to displaya graphical user interface (GUI) based on the indication.

In some embodiments, the system includes a device, wherein the deviceincludes a plurality of ports for concurrently communicatively couplingthe network device to the computer device along with a second networkdevice.

In some embodiments, each port of the plurality of ports includes apower inlet, a first communication inlet, and a second communicationinlet.

In some embodiments, the first communication inlet is a universal serialbus (USB) port.

In some embodiments, the second communication inlet is an ethernet port.

In some embodiments, the processing device is configured to remove apasscode from the network device prior to determining the deviceinformation for the network device.

In some embodiments, in response to removing the passcode from thenetwork device being unsuccessful, the processing device is configuredto output an error message

In some embodiments, resetting the network device using theconfiguration file as retrieved comprises performing a factory reset ofthe network device and backing up firmware of the network device.

In some embodiments, the processing device is configured to determinewhether a serial number in the configuration file corresponds to aformat of allowed serial numbers, and outputting an indication ofwhether the serial number in the configuration file corresponds to theformat of allowed serial numbers.

In some embodiments, a non-transitory computer-readable storage mediumincludes instructions, that when executed by a processor, cause theprocessor to perform a method. In some embodiments, the method includesdetermining, by a computer device, device information for a networkdevice communicatively coupled to the computer device. In someembodiments, the method includes retrieving, from a server device, aconfiguration file corresponding to the device information asdetermined. In some embodiments, the method includes resetting thenetwork device using the configuration file as retrieved. In someembodiments, the method includes clearing user-addressable storagelocations of the network device. In some embodiments, the methodincludes outputting an indication of whether resetting the networkdevice was successful and whether clearing the user-addressable storagelocations of the network device was successful.

BRIEF DESCRIPTION OF THE DRAWINGS

References are made to the accompanying drawings that form a part ofthis disclosure and illustrate embodiments in which the systems andmethods described in this Specification can be practiced.

FIG. 1 shows a system for erasing data from network devices, accordingto some embodiments.

FIG. 2 shows a system for erasing data from network devices, accordingto some embodiments.

FIG. 3 shows an example device for connecting a plurality of networkdevices to the system of FIG. 1 or 2 , according to some embodiments.

FIG. 4 shows a flowchart of a method for erasing a network device,according to some embodiments.

FIG. 5 shows a graphical user interface of the systems of FIG. 1 or 2 ,according to some embodiments.

FIG. 6 shows a block diagram illustrating an internal architecture of anexample of a computer, according to some embodiments.

Like reference numbers represent the same or similar parts throughout.

DETAILED DESCRIPTION

Network devices such as, but not limited to, network switches, routers,access points, network cards, and the like include configuration detailsspecific to the particular device. These configuration details can beconfigured by a user. In some situations, the user may, for example,return a network device to the manufacturer or third party that may beinterested in removing the configuration details specific to theparticular device as configured by the user. Improved methods forerasing and resetting the network devices are desired.

Embodiments of this disclosure relate generally to systems and methodsfor erasing network devices. In some embodiments, a system can include acomputer device in electronic communication with a server device over anetwork to retrieve specific information for resetting correspondingnetwork devices. In some embodiments, the systems and methods enable aportion of the instructions to be stored on the computer device anddistributes the device specific information for resetting thecorresponding network devices. In some embodiments, advantageously, thesystems and methods described herein can reduce ability of improperaccess to a computer device to reset network devices.

FIG. 1 shows a system 10 for erasing data from network devices,according to some embodiments. The system 10 can be used for theoperations described in accordance with the methods described herein forerasing data from a network device.

The system 10 can include a computer device 12 in communication with aserver device 14 through a network 16. The system 10 can also include adevice 18 for connecting a network device 20 for erasure.

The computer device 12 can include an application that permits a user toconnect the network device 20, reset the network device 20 to itsfactory settings, and erase user-addressable storage locations of thenetwork device 20. Erasing these locations can, for example, remove anyconfiguration settings that a prior user had saved on the network device20. The resetting and erasing can be performed, for example, on anetwork device 20 that has been received for refurbishing or the like.The computer device 12 includes a display for showing progress andreporting statuses of the resetting and erasing. Example GUIs are shownand described in additional detail below. The computer device 12 mayinclude a portion of the resetting and erasing functionality, whileanother portion may require interaction with the server device 14. Thiscan, for example, prevent hijacking of the process at the computerdevice 12 or other unauthorized resetting and erasing of the networkdevice 20.

The server device 14 can include an application that permits the user toreset and erase the network device 20. In some embodiments, theapplication on the server device 14 can receive one or more details ofdevice information from the computer device 12 and be configured toprovide one or more configuration files to the computer device 12 inreturn. Collectively, the computer device 12 and the server device 14can reset and erase the network device 20.

The network 16 may be referred to as the communications network 16.Examples of the network 16 include, but are not limited to, a local areanetwork (LAN), a wide area network (WAN), the Internet, or the like. Thecomputer device 12 can transmit data via the network 16 through awireless connection using Wi-Fi, Bluetooth, or other similar wirelesscommunication protocols. The computer device 12 can transmit data viathe network 16 through a cellular, 3G, 4G, 5G, or other wirelessprotocol.

In some embodiments, the device 18 is configured to be capable ofconnecting a plurality of network devices. In some embodiments, thedevice 18 can be configured to be capable of connecting up to 20 networkdevices concurrently. In some embodiments, the device 18 can beconfigured to enable connection of more than 20 network devices. In someembodiments, the device 18 can be configured to enable connection ofless than 20 network devices. Additional details about the device 18 areshown and described in accordance with FIG. 3 below.

FIG. 2 shows the system 10 of FIG. 1 for erasing data from networkdevices, according to some embodiments. For simplicity of thisSpecification, aspects FIG. 2 that have already been described relativeto FIG. 1 are not described in additional detail.

As illustrated, the system 10 includes a first hub 22 and a second hub24.

The first hub 22 is communicatively coupled to the computer device 12.The first hub 22 can be a USB hub configured to provide a plurality ofUSB connections. In some embodiments, the size of the USB hub can beselected to match a number of ports on the device 18.

The second hub 24 is communicatively coupled to the computer device 12.The second hub can be a switch configured to provide a plurality ofethernet ports. In some embodiments, the size of the switch can beselected to match a number of ports on the device 18.

FIG. 3 shows the device 18 for connecting a plurality of network devicesto the system 10 of FIG. 1 or 2 , according to some embodiments.

The device 18 includes a plurality of ports 26. The number of the ports26 can be selected to determine a number of network devices (e.g.,network device 20 of FIGS. 1-2 ) that can be connected to the computerdevice 12 (FIGS. 1-2 ) concurrently.

Each port 26 includes a power inlet 28, a communication inlet 30, and acommunication inlet 32. In some embodiments, the power inlet 28 isconfigured to receive a power line from a network device. In someembodiments, the communication inlet 30 is configured to enable thenetwork device to communicate with the computer device 12. In someembodiments, the communication inlet 30 can be a universal serial bus(USB) port. In some embodiments, the communication inlet 32 can be anethernet port configured to receive an ethernet connection from thenetwork device.

FIG. 4 shows a flowchart of a method 40 for erasing a network device(e.g., the network device 20 of FIG. 1 ), according to some embodiments.

At block 42, the computer device 12 removes a passcode from the networkdevice 20. In some embodiments, if the computer device 12 is unable toremove the passcode, the method 40 includes outputting an error at block44. In some embodiments, the error can be output and displayed on a userinterface of the computer device 12.

If the passcode was successfully removed at block 42, the method 40includes reading device information from the network device 20 at block46. The device information can include, for example, a model number, aserial number, a MAC address, any combination thereof, or the like.

Optionally, at block 48, the method 40 can include checking whether theserial number retrieved at block 46 corresponds to a format of allowedserial numbers. For example, a range of serial numbers may be indicativeof a particular manufacturer or particular device type of the networkdevice 20. The computer device 12 can verify whether the serial numberas read corresponds to a subset of serial numbers identified as beingallowed. If the serial number does not correspond to the allowed serialnumbers, the method 40 can include outputting an indication that thenetwork device 20 cannot be erased at block 50.

If block 48 results in the serial number corresponding to the allowedserial numbers, or the optional block 48 is not present, the methodincludes retrieving a configuration file for the network device 20 fromthe server device 14 at block 52.

At block 54, the network device 20 is reset using the configurationfile.

At block 56, user-addressable storage locations of the network device 20are erased. In some embodiments, a 3-pass clearing that is compliantwith the National Institute of Standards and Technology (NIST) isperformed for the erasing at block 56. In some embodiments, a differentnumber of passes may be used.

At block 58 the firmware is restored on the network device 20. At block60, if the clearing and the restoration of the firmware were successful,the computer device 12 outputs an indicator that the process wassuccessful. In some embodiments, the output being successful can bedisplayed in a GUI to the user of the computer device 12 so that thenetwork device 20 can be disconnected. At block 62, if the clearing therestoration were unsuccessful, and error message can be output.

FIG. 5 shows a graphical user interface (GUI) 100 of the system 10 ofFIG. 1 or 2 , according to some embodiments. The GUI 100 can berepresentative of a status interface for the system 10 (FIGS. 1-2 ).

The GUI 100 includes a plurality of indicators 102. The plurality ofindicators 102 can be based on a maximum number of network devices thatare connectable to the computer device 12 (FIGS. 1-2 ). In theillustrated embodiment, 40 indicators 102 are shown. It is to beappreciated that the number can vary according to the principlesdescribed herein. Each indicator 102 includes a device label 104, astatus indicator 106, and a status summary 108.

In the illustrated embodiment, the device label 104 for each of theindicators 102 corresponds to a number of the port on the correspondingdevice for connecting the network devices. For example, in theillustrated embodiment, the device labels 104 range from 1 to 40.

In the illustrated embodiment, the status indicator 106 can include“Ready to Detect,” “Failed,” “Operation Complete,” or “In Progress.” Itis to be appreciated that these are examples and that the exact text canvary to be representative of statuses including open ports (e.g., readyfor a network device to be connected), unsuccessful attempts, completedattempts, or attempts still in progress.

In the illustrated embodiment, the status summary 108 can vary dependingon, for example, a current status. For example, in the indicators 102 inwhich the status indicator 106 is “Ready to Detect,” the status summary108 includes a message indicating that the user can connect a device. Inthe indicator 102 in which the status indicator 106 is “Failed,” thestatus summary 108 can include information about the device, an errorcode, any combination thereof, or the like. In the indicator 102 inwhich the status indicator 106 is “Operation Complete,” the statussummary 108 can include a model number, serial number, MAC address,duration to complete, any combination thereof, or the like. In theindicator 102 in which the status indicator 106 is “In Progress,” thestatus summary 108 can include a model number, a serial number, a MACaddress, a time taken, a status bar indicating a percentage complete,any combination thereof, or the like.

In some embodiments, the indicators 102 can be color coded or the likeso that the user can easily differentiate between statuses of thevarious network devices or open ports.

FIG. 6 shows a block diagram illustrating an internal architecture of anexample of a computer, according to some embodiments. In someembodiments, the computer can be, for example, the computer device 12and/or server device 14 in accordance with some embodiments. A computeras referred to herein refers to any device with a processor capable ofexecuting logic or coded instructions, and could be a server, personalcomputer, set top box, smart phone, pad computer or media device, toname a few such devices. As shown in the example of FIG. 6 , internalarchitecture 250 includes one or more processing units (also referred toherein as CPUs) 280, which interface with at least one computer bus 255.Also interfacing with computer bus 255 are persistent storagemedium/media 265, network interface 285, memory 260, e.g., random accessmemory (RAM), run-time transient memory, read only memory (ROM), etc.,media disk drive interface 270 as an interface for a drive that can readand/or write to media including removable media such as floppy, CD ROM,DVD, etc. media, display interface 275 as interface for a monitor orother display device, keyboard interface 290 as interface for akeyboard, pointing device interface 295 as an interface for a mouse orother pointing device, and miscellaneous other interfaces not shownindividually, such as parallel and serial port interfaces, a universalserial bus (USB) interface, and the like.

Memory 260 interfaces with computer bus 255 so as to provide informationstored in memory 260 to CPU 280 during execution of software programssuch as an operating system, application programs, device drivers, andsoftware modules that comprise program code, and/or computer executableprocess operations, incorporating functionality described herein, e.g.,one or more of process flows described herein. CPU 280 first loadscomputer executable process operations from storage, e.g., memory 260,storage medium/media 265, removable media drive, and/or other storagedevice. CPU 280 can then execute the stored process operations in orderto execute the loaded computer-executable process operations. Storeddata, e.g., data stored by a storage device, can be accessed by CPU 280during the execution of computer-executable process operations.

Persistent storage medium/media 265 is a computer readable storagemedium(s) that can be used to store software and data, e.g., anoperating system and one or more application programs. Persistentstorage medium/media 265 can also be used to store device drivers, suchas one or more of a digital camera driver, monitor driver, printerdriver, scanner driver, or other device drivers, web pages, contentfiles, playlists and other files. Persistent storage medium/media 265can further include program modules and data files used to implement oneor more embodiments of the present disclosure.

For the purposes of this disclosure a module is a software, hardware, orfirmware (or combinations thereof) system, process or functionality, orcomponent thereof, that performs or facilitates the processes, features,and/or functions described herein (with or without human interaction oraugmentation). A module can include sub-modules. Software components ofa module may be stored on a computer readable medium. Modules may beintegral to one or more servers, or be loaded and executed by one ormore servers. One or more modules may be grouped into an engine or anapplication.

Examples of computer-readable storage media include, but are not limitedto, any tangible medium capable of storing a computer program for use bya programmable processing device to perform functions described hereinby operating on input data and generating an output. A computer programis a set of instructions that can be used, directly or indirectly, in acomputer system to perform a certain function or determine a certainresult. Examples of computer-readable storage media include, but are notlimited to, a floppy disk; a hard disk; a random access memory (RAM); aread-only memory (ROM); a semiconductor memory device such as, but notlimited to, an erasable programmable read-only memory (EPROM), anelectrically erasable programmable read-only memory (EEPROM), Flashmemory, or the like; a portable compact disk read-only memory (CD-ROM);an optical storage device; a magnetic storage device; other similardevice; or suitable combinations of the foregoing.

In some embodiments, hardwired circuitry may be used in combination withsoftware instructions. Thus, the description is not limited to anyspecific combination of hardware circuitry and software instructions,nor to any source for the instructions executed by the data processingsystem.

The terminology used herein is intended to describe embodiments and isnot intended to be limiting. The terms “a,” “an,” and “the” include theplural forms as well, unless clearly indicated otherwise. The terms“comprises” and/or “comprising,” when used in this Specification,specify the presence of the stated features, integers, steps,operations, elements, and/or components, but do not preclude thepresence or addition of one or more other features, integers, steps,operations, elements, and/or components.

It is to be understood that changes may be made in detail, especially inmatters of the construction materials employed and the shape, size, andarrangement of parts without departing from the scope of the presentdisclosure. This Specification and the embodiments described areexamples, with the true scope and spirit of the disclosure beingindicated by the claims that follow.

What is claimed is:
 1. A method, comprising: determining, by a computerdevice, device information for a network device communicatively coupledto the computer device; retrieving, from a server device, aconfiguration file corresponding to the device information asdetermined; resetting the network device using the configuration file asretrieved; and clearing storage locations corresponding to the networkdevice.
 2. The method of claim 1, wherein determining, by a computerdevice, device information for a network device comprises determiningdevice information by enabling the computer device to connect to thenetwork device via an application.
 3. The method of claim 1, whereinretrieving the configuration file information from the server devicecorresponding to the device information comprises retrieving theconfiguration file information from the server device via an applicationon the server.
 4. The method of claim 1, wherein resetting the networkdevice using the configuration file comprises performing a factory resetof the network device and backing up firmware of the network device. 5.The method of claim 1, wherein resetting the network device using theconfiguration file comprises backing up firmware of the network device.6. The method of claim 5, wherein resetting the network device using theconfiguration file further comprises restoring the firmware of thenetwork device after clearing the storage locations of the networkdevice.
 7. The method of claim 1, further comprising removing a passcodefrom the network device before determining the device information forthe network device.
 8. The method of claim 1, further comprisingdetermining whether a serial number in the configuration filecorresponds to a format of allowed serial numbers.
 9. The method ofclaim 8, further comprising outputting an indication of whether theserial number in the configuration file corresponds to the format ofallowed serial numbers
 10. The method of claim 1, further comprising:determining, by the computer device, device information for a secondnetwork device communicatively coupled to the computer device;retrieving, from the server device, a second configuration filecorresponding to the device information as determined; resetting thesecond network device using the configuration file as retrieved; andclearing storage locations of the second network device.
 11. The methodof claim 10, wherein the second network device and the network deviceare communicatively coupled to the computer device for processingconcurrently.
 12. A system, comprising: a processing device, theprocessing device configured to execute instructions to: determine, by acomputer device, device information for a network device communicativelycoupled to the computer device; retrieve, from a server device, aconfiguration file corresponding to the device information asdetermined; reset the network device using the configuration file asretrieved; and clear storage locations corresponding to the networkdevice.
 13. The system of claim 12, wherein determining, by a computerdevice, device information for a network device comprises determiningdevice information by enabling the computer device to connect to thenetwork device via an application.
 14. The system of claim 12, whereinretrieving the configuration file information from the server devicecorresponding to the device information comprises retrieving theconfiguration file information from the server device via an applicationon the server.
 15. The system of claim 12, wherein resetting the networkdevice using the configuration file comprises performing a factory resetof the network device and backing up firmware of the network device. 16.The system of claim 12, wherein resetting the network device using theconfiguration file comprises backing up firmware of the network device.17. The system of claim 16, wherein resetting the network device usingthe configuration file further comprises restoring the firmware of thenetwork device after clearing the storage locations of the networkdevice.
 18. The system of claim 12, further comprising removing apasscode from the network device before determining the deviceinformation for the network device.
 19. The system of claim 12, whereinthe processing device is configured to determine whether a serial numberin the configuration file corresponds to a format of allowed serialnumbers.
 20. A non-transitory computer-readable storage mediumcomprising instructions, that when executed by a processor, cause theprocessor to perform a method, comprising: determining, by a computerdevice, device information for a network device communicatively coupledto the computer device; retrieving, from a server device, aconfiguration file corresponding to the device information asdetermined; resetting the network device using the configuration file asretrieved; and clearing storage locations corresponding to the networkdevice.